smmpanel12.gq/ar/card.php
69.49.228.241200 OK 5.2 kB URL User Request GET HTTP/1.1 smmpanel12.gq/ar/card.php
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 479879023d9df79066a2398fd971df0b
36ec835626f5eab19ced508797cc85eb156df5d1
5001ea6cb44ef4642487459da2998b9012fabb2dcaa1be5ce6a007d1d56462ce
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.gq domain
GET /ar/card.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:16 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
smmpanel12.gq/ar/res/style.css
69.49.228.241200 OK 579 B URL GET HTTP/1.1 smmpanel12.gq/ar/res/style.css
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type assembler source, ASCII text, with CRLF line terminators
Hash b8d809f6de467a55b855fa7e2049ac57
2deee8f233bfcc5d268810aaa785662796a37a8f
1fca1cb3d8a3f4947a3b0e27ceb711e8bdb19fc6767d893846ad9fa3f870512e
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.gq domain
GET /ar/res/style.css HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:17 GMT
Server: Apache
Last-Modified: Wed, 18 May 2022 19:48:00 GMT
Accept-Ranges: bytes
Content-Length: 579
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
smmpanel12.gq/ar/res/ksa-flag.png
69.49.228.241200 OK 7.8 kB URL GET HTTP/1.1 smmpanel12.gq/ar/res/ksa-flag.png
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type PNG image data, 400 x 267, 8-bit colormap, non-interlaced\012- data
Hash a2fd19fbe98a16cbdd4348129b9ae2ca
35703e91ff0dd4ce4648e2be2d19916080e16008
913c19c1e7fa678e83811cc73b2c1bbb3747245549ed2625f8dabbd1efd85598
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.gq domain
GET /ar/res/ksa-flag.png HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:17 GMT
Server: Apache
Last-Modified: Tue, 28 Jun 2022 20:04:26 GMT
Accept-Ranges: bytes
Content-Length: 7784
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
smmpanel12.gq/ar/res/logo.svg
69.49.228.241200 OK 1.9 kB URL GET HTTP/1.1 smmpanel12.gq/ar/res/logo.svg
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1159)
Hash c9356849e6da611473cda01482c688e9
d548bc9cea9d5fc66f0f7d14cdd7fa876a5c0d33
135b3e975a07622009b38d953e58526082588b1ad0795820c50af504742e1646
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.gq domain
GET /ar/res/logo.svg HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:17 GMT
Server: Apache
Last-Modified: Sat, 02 Apr 2022 21:46:50 GMT
Accept-Ranges: bytes
Content-Length: 1872
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5qjHrFpiQ.woff2
142.250.74.131200 OK 9.9 kB URL GET HTTP/2 fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5qjHrFpiQ.woff2
IP 142.250.74.131:443
Requested by http://smmpanel12.gq/ar/card.php
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 9896, version 1.0\012- data
Hash aa4852cf009cd00f29f2f1f4f2b5fc3e
646b8b7097164568bcc3c6f0bceb44e60e9f1c79
d2c657214a232704251c3ad2733fefde88159c61e9b30b424502acabd6ff7427
GET /s/tajawal/v9/Iurf6YBj_oCad4k1l5qjHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9896
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 02:16:20 GMT
expires: Fri, 31 May 2024 02:16:20 GMT
cache-control: public, max-age=31536000
age: 417598
last-modified: Wed, 27 Apr 2022 16:08:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5qjHrRpiYlJ.woff2
142.250.74.131200 OK 8.2 kB URL GET HTTP/2 fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l5qjHrRpiYlJ.woff2
IP 142.250.74.131:443
Requested by http://smmpanel12.gq/ar/card.php
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 8160, version 1.0\012- data
Hash ac0d9be1f7368da20241ad280be67094
1e47eb056eba0c85159db634151eb3e1321341cf
d30e711f0414c6b8e6ebcf0d30b638a7e75aabc49d7a83c46bd1509a910f9b60
GET /s/tajawal/v9/Iurf6YBj_oCad4k1l5qjHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8160
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 21:52:08 GMT
expires: Sun, 02 Jun 2024 21:52:08 GMT
cache-control: public, max-age=31536000
age: 174250
last-modified: Wed, 27 Apr 2022 16:06:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
smmpanel12.gq/ar/res/m.js
69.49.228.241200 OK 23 kB URL GET HTTP/1.1 smmpanel12.gq/ar/res/m.js
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
Hash 24992f1ed62baf9393609f3c6c2ad20e
34716cf70f7f7a9cd072e7796c34ce987f85d18c
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.gq domain
GET /ar/res/m.js HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:17 GMT
Server: Apache
Last-Modified: Sun, 26 Dec 2021 07:07:50 GMT
Accept-Ranges: bytes
Content-Length: 23176
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
smmpanel12.gq/ar/res/jq.js
69.49.228.241200 OK 90 kB URL GET HTTP/1.1 smmpanel12.gq/ar/res/jq.js
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type ASCII text, with very long lines (65446), with CRLF line terminators
Hash 3e4bb227fb55271bfe9c9d4a09147bd8
156837f75f6600ccb602b4efcbd393636c33f35e
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.gq domain
GET /ar/res/jq.js HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:17 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 19:56:22 GMT
Accept-Ranges: bytes
Content-Length: 89501
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
smmpanel12.gq/ar/spy.php
69.49.228.241200 OK 0 B IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
POST /ar/spy.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 10
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:17 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
smmpanel12.gq/resources/img/icons/favicon.ico?v=2
69.49.228.241404 Not Found 315 B URL GET HTTP/1.1 smmpanel12.gq/resources/img/icons/favicon.ico?v=2
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.gq domain
GET /resources/img/icons/favicon.ico?v=2 HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 05 Jun 2023 22:16:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
smmpanel12.gq/ar/date.php
69.49.228.241200 OK 21 B URL POST HTTP/1.1 smmpanel12.gq/ar/date.php
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type ASCII text, with no line terminators
Hash 115757d007b4c398c7ec8fb711679e9e
9d4378bc3cbe2649d450ccbec05a25ee2b17a5a7
5436b24c540e9f17e45b3df99690130080af9b1594a107dba3cbec5020a8c7a3
NIDS Severity Alert suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
POST /ar/date.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 6
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:18 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
smmpanel12.gq/ar/date.php
69.49.228.241200 OK 21 B URL POST HTTP/1.1 smmpanel12.gq/ar/date.php
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type ASCII text, with no line terminators
Hash 6393e8898f7e0e1cdbb6b1c20415aa55
54c91d65b0d6d56407fa22f17cd913014f3959ae
690baed907dbb12da45c105df5ac7695e535e0959315cb5109301e7be8ab6bcc
NIDS Severity Alert suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
POST /ar/date.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 6
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:19 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
smmpanel12.gq/ar/date.php
69.49.228.241200 OK 21 B URL POST HTTP/1.1 smmpanel12.gq/ar/date.php
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type ASCII text, with no line terminators
Hash 55ca452179d358a9e260709db0439807
fdfb01ce5e51e9d1e7db98fa530290226b9f80e4
4b6c4bddf938caefdfed56e0c67cc66b79d0245be563e504854552aee895ccb2
NIDS Severity Alert suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
POST /ar/date.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 6
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:20 GMT
Server: Apache
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
smmpanel12.gq/ar/date.php
69.49.228.241200 OK 21 B URL POST HTTP/1.1 smmpanel12.gq/ar/date.php
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type ASCII text, with no line terminators
Hash d4a4a007a371c402f40b7d9216312d39
e56efab8f128216636ed8a23260c66d892a14c0d
b49310c854093f9abf54905f6cc5ada40f347eb34be42dafd65b5e3869df7f6f
NIDS Severity Alert suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
POST /ar/date.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 6
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:21 GMT
Server: Apache
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
smmpanel12.gq/ar/date.php
69.49.228.241200 OK 21 B URL POST HTTP/1.1 smmpanel12.gq/ar/date.php
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type ASCII text, with no line terminators
Hash 74d056d5a28cd6f380d719f85508f438
eea72a4433716ecbf8585d269349e525f869b905
40a09bf568fa78123c52eb625269e0189761caf675597e92789ab398e21126af
NIDS Severity Alert suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
POST /ar/date.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 6
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:22 GMT
Server: Apache
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
smmpanel12.gq/ar/date.php
69.49.228.241200 OK 21 B URL POST HTTP/1.1 smmpanel12.gq/ar/date.php
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type ASCII text, with no line terminators
Hash b9c39a12dfde60e4fb774907a63e4a93
445ae12bde6e289d456a5e435da41bdc62d713c1
ec5360a20a047252f316bd0727eeb2ab49cdfc5f26c780c5773a8d8ad9d0a678
NIDS Severity Alert suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
POST /ar/date.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 6
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:23 GMT
Server: Apache
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
smmpanel12.gq/ar/date.php
69.49.228.241200 OK 21 B URL POST HTTP/1.1 smmpanel12.gq/ar/date.php
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type ASCII text, with no line terminators
Hash 122ba981d6d882ee8a65819d1649df0d
0ae374378d81609a9f5120f493a7f2a17c93bf0d
0f8cb59e6067a74a7b1ac1f2642601b2d4871f24b8e6df40ba9a3ff7f691dcaf
NIDS Severity Alert suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
POST /ar/date.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 6
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:24 GMT
Server: Apache
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
fonts.googleapis.com/css2?family=Tajawal:wght@300&display=swap
142.250.74.106200 OK 397 B URL GET HTTP/3 fonts.googleapis.com/css2?family=Tajawal:wght@300&display=swap
IP 142.250.74.106:443
Requested by http://smmpanel12.gq/ar/card.php
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type gzip compressed data, max compression\012- data
Hash 9a091a1ab97de87aa3d269f1e4ff8c25
22a373c9f92a4ac227bed9889f467a52d70e325b
50f5947a01b4dfb113e0bedc55e75c3b3cfdb2cf326136d50fb2e1822e7cd037
GET /css2?family=Tajawal:wght@300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Jun 2023 22:16:18 GMT
date: Mon, 05 Jun 2023 22:16:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
smmpanel12.gq/ar/date.php
69.49.228.241200 OK 21 B URL POST HTTP/1.1 smmpanel12.gq/ar/date.php
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type ASCII text, with no line terminators
Hash 0b13dc577c2ba1dc6045d79039a2b4b6
2667f85809777c4e8e33546e2a9580bdd3563ac6
58d9614474858520ae96544153f58651ed11a2a73b8b2b312303ab01f7187465
NIDS Severity Alert suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
POST /ar/date.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 6
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:26 GMT
Server: Apache
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
smmpanel12.gq/ar/date.php
69.49.228.241200 OK 21 B URL POST HTTP/1.1 smmpanel12.gq/ar/date.php
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type ASCII text, with no line terminators
Hash 306e6c5e18f4546ee87d7cbf65d75aa9
57ca71dac2614fc25dcca6711ff35b3fd80ef674
9c8e8503524e114c2f1dd57ada485134aea9ec55a645baf424a0e5c4ac65d3df
NIDS Severity Alert suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
POST /ar/date.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 6
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:27 GMT
Server: Apache
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
smmpanel12.gq/ar/date.php
69.49.228.241200 OK 21 B URL POST HTTP/1.1 smmpanel12.gq/ar/date.php
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type ASCII text, with no line terminators
Hash 7e822f6f70d5937fa739575124f429aa
f799f363d1e67cfbc6bff4ba373b92cf27c5b139
3484b514a3777d0cc101fadd64e9df2805d248b303b74e4b87a920d1867d1ea7
NIDS Severity Alert suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
POST /ar/date.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 6
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:28 GMT
Server: Apache
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
smmpanel12.gq/ar/date.php
69.49.228.241200 OK 21 B URL POST HTTP/1.1 smmpanel12.gq/ar/date.php
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type ASCII text, with no line terminators
Hash ee5f06af2bd44141625deaa78b508c68
7923bb279f07703146300304ca568eb511f5511b
29033e86a4518d817a44e897bbeb6315437e76e1bdb4fac737ace578afb56678
NIDS Severity Alert suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
POST /ar/date.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 6
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:29 GMT
Server: Apache
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
smmpanel12.gq/ar/date.php
69.49.228.241200 OK 21 B URL POST HTTP/1.1 smmpanel12.gq/ar/date.php
IP 69.49.228.241:80
ASN #46606 UNIFIEDLAYER-AS-1
Requested by http://smmpanel12.gq/ar/card.php
File type ASCII text, with no line terminators
Hash 0e47e305ce83ea10dd5afb503fa94305
b08e9aa4fefad1fa34318f6cb5256943efcfe134
ddc1238b5a24a46f875a64e841f967aed4bfd1fc27ae30ae7e3f385b0e1bc76f
NIDS Severity Alert suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
suricata medium ET INFO HTTP POST Request to Suspicious *.gq domain
suricata medium ET INFO HTTP Request to a *.gq domain
POST /ar/date.php HTTP/1.1
Host: smmpanel12.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 6
Origin: http://smmpanel12.gq
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/ar/card.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 22:16:30 GMT
Server: Apache
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
fonts.googleapis.com/css2?family=Mulish
142.250.74.106200 OK 1.7 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Mulish
IP 142.250.74.106:443
Requested by http://smmpanel12.gq/ar/card.php
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (1780), with no line terminators
Hash dc6dc008c45d417d011e300c01c175aa
15116c0e08a606835fc8a1931e48cc294d1b194b
18869af2b82082b9d1c1253d4d3de16416afe8ea67b7b89b0fad9d3500e2e47e
GET /css2?family=Mulish HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Jun 2023 22:16:18 GMT
date: Mon, 05 Jun 2023 22:16:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rawgit.com/RobinHerbots/jquery.inputmask/3.x/dist/jquery.inputmask.bundle.js
188.114.96.1200 OK 219 kB URL GET HTTP/2 rawgit.com/RobinHerbots/jquery.inputmask/3.x/dist/jquery.inputmask.bundle.js
IP 188.114.96.1:443
Requested by http://smmpanel12.gq/ar/card.php
Certificate IssuerGoogle Trust Services LLC
Subjectrawgit.com
FingerprintB8:43:DE:8C:51:33:BC:7D:B2:08:EA:68:B5:CD:88:C3:0A:87:F9:24
ValiditySat, 06 May 2023 00:15:00 GMT - Fri, 04 Aug 2023 00:14:59 GMT
Size 219 kB (219207 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RobinHerbots/jquery.inputmask/3.x/dist/jquery.inputmask.bundle.js HTTP/1.1
Host: rawgit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://smmpanel12.gq/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 22:16:18 GMT
content-type: application/javascript;charset=utf-8
x-content-type-options: nosniff
x-robots-tag: none
access-control-allow-origin: *
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
sunset: Tue, 01 Oct 2019 00:00:00 GMT
etag: W/"239e0cb721224bc76940cfad39ef0f2ecf1de110e9a777ecc9e2fefa91c0fe7b"
cache-control: max-age=3600, s-maxage=300
vary: Accept-Encoding
rawgit-cache-status: HIT
cf-cache-status: HIT
age: 156
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Aa0UwEjW9pTLH%2BAH6qsCvZ3Bp1JYwPleM4Yg2Ug0NaW1T4aQz7B1IyaXZc9EYBRECPz6uBAfh0CLLxeEFgn5S52N%2FeUezqxVO3boRO0P4IR2QJ0gampm0rz4VXC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; preload
server: cloudflare
cf-ray: 7d2bc778aa93b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2